A new biometric identity based encryption scheme secure against DoS attacks

Recently, Sarier [1] proposed an efficient biometric Identity Based Encryption (IBE) scheme called BIO-IBE using the Sakai Kasahara Key Construction and proved its security in the Random Oracle Model (ROM) based on the well-exploited k-BDHI computational problem. Despite its efficiency compared to other fuzzy IBE systems implemented for biometric identities, BIO-IBE is not secure against a new type of denial of service (DoS) attack that we present. In this context, we describe a new biometric IBE scheme and show that our scheme is immune against this attack due to the signature applied on the public value PAR of the user. This way, the sender can detect whether PAR of the receiver that is stored publicly is modified by an active adversary, thus the generation of a ciphertext based on a wrong identity is avoided. The main difference of the new scheme is the structure of the key generation algorithm, where a unique biometric identity string ID obtained from the biometric attributes is used instead of picking a different polynomial for each user as in other fuzzy IBE schemes. In addition to the well-defined security model for current fuzzy IBE schemes, we describe a stronger security model and prove the security of our scheme in this framework achieving a better reduction cost compared to BIO-IBE. Finally, our scheme provides security against DoS attacks and better efficiency in terms of the key generation and decryption algorithms compared to the existing fuzzy IBE schemes. Copyright (C) 2009 John Wiley & Sons, Ltd.